Re: [Distutils] Announcement: Pip 10 is coming, and will move all internal APIs

Thanks for writing that detailed explanation, Paul (and all your other hard work!) Richard On 21 October 2017 at 21:03, Paul Moore <p.f.mo...@gmail.com> wrote: > On 20 October 2017 at 23:53, Richard Jones <r1chardj0...@gmail.com> wrote: > > Hiya Paul, > > >

Re: [Distutils] Announcement: Pip 10 is coming, and will move all internal APIs

Hiya Paul, There's a bunch of tooling out there using pip's internals to extending pip's functionality. Could you please provide a some reasoning as to why they're all going to be broken at pip 10, and possibly some guidance on how to get that functionality back? Cheers, Richard On 21

Re: [Distutils] Malicious packages on PyPI

On 2 June 2017 at 18:05, Nick Coghlan wrote: > On 2 June 2017 at 09:00, Nick Timkovich wrote: > > This issue was also brought up in January at > > https://github.com/pypa/pypi-legacy/issues/585 then just as after the > > initial "typosquatting PyPI"

Re: [Distutils] Malicious packages on PyPI

On 2 June 2017 at 09:00, Nick Timkovich wrote: > This issue was also brought up in January at https://github.com/pypa/pypi- > legacy/issues/585 then just as after the initial "typosquatting PyPI" > report (June 2016) it's met with resounding silence. Attacking the >

Re: [Distutils] Malicious packages on PyPI

On 2 June 2017 at 03:40, Thomas Kluyver wrote: > On Thu, Jun 1, 2017, at 06:32 PM, Matt Joyce wrote: > There *appear* to be, but I checked several of the names listed there, and > they're not on PyPI: > > https://pypi.python.org/pypi/tkinter >

[Distutils] Calling for a volunteer to help admin PyPI

Hi all, I've fallen seriously behind in trying to admin PyPI by myself, and I'm calling for someone to help. Generally this means helping people reset their email address for account recovery, or trying to contact owners of packages to facilitate ownership changes. The *ahem* "tools" available

Re: [Distutils] Parked Names in PyPI under user rodmena

--- > From: Donald Stufft <don...@stufft.io> > Sent: ‎4/‎19/‎2016 21:52 > To: Richard Jones <rich...@python.org> > Cc: disutils-sig <distutils-sig@python.org>; Christopher Wilcox > <pyt...@crwilcox.com> > Subject: Re: [Distutils] Parked Names in PyP

Re: [Distutils] Parked Names in PyPI under user rodmena

Just to be clear, are you the user "Microsoft"? You're not posting from a @ microsoft.com email domain, is all. Or are you just a "concerned citizen"? Because in the case of the latter there's really nothing for me to do here without a request from someone actually wanting to do something with the

Re: [Distutils] Parked Names in PyPI under user rodmena

The usual process is to request such things through the support tracker so there's a 'paper trail', but I've been unable to attend to the queue of requests there recently so I'm going to make a special effort here. Please do consider making a request in the support tracker though, thanks. I'll

Re: [Distutils] The mypy package

On 18 April 2016 at 08:46, Guido van Rossum wrote: > In a similar vein, the package distributor is listed as "zuroc" -- would > this be someone else or just an alias for the owner? > That's the same person mentioned in your original mail. Richard

Re: [Distutils] The mypy package

Hi Guido, Because this sort of thing has come up a lot in the past, and because I've copped trouble for mishandling it in the past, I took the trouble of writing up a formal description of how I handle these sorts of issues:

Re: [Distutils] What's up with PyPi maintenance?

On 16 March 2016 at 03:41, Chris Barker wrote: > Probably not the right list but: > > There are a number of folks having issue siwth new PyPi pacakges not being > found by search: > > > https://bitbucket.org/pypa/pypi/issues/412/my-package-doesnt-show-up-in-search > >

Re: [Distutils] Versioned trove classifiers for Django

; we release this, but we are starting to think about what we want to put in > there. > So this one: > > Framework :: Plone :: 5.1 > > Thanks, > > Maurits > > Op 02/12/15 om 01:54 schreef Richard Jones: > >> At the moment it's a manual poke, but I have done this thing

Re: [Distutils] Versioned trove classifiers for Django

At the moment it's a manual poke, but I have done this thing right now. On 2 December 2015 at 10:46, James Bennett wrote: > Reviving this old thread because today is Django 1.9's release date and > I'm unsure of the process for keeping up with new-released versions in >

Re: [Distutils] Unable to login to PyPi

Hi Mike, Sorry, but this is a known problem that no-one has time to investigate or fix. Richard On 29 September 2015 at 01:31, Mike O'Driscoll wrote: > Hello, > > I have been unable to login to the PyPi site for nearly a month now via > OpenID (launchpad). > > I

Re: [Distutils] dump of all PyPI project metadata available?

On 22 July 2015 at 15:07, Brett Cannon bcan...@gmail.com wrote: When I wrote https://nothingbutsnark.svbtle.com/python-3-support-on-pypi I wrote a script to download every project's JSON metadata by scraping the simple index and then making the appropriate GET request for the JSON metadata.

Re: [Distutils] Phantom release/file and now can't upload

This is very strange - perhaps there's a caching issue or something, but there's a file present on that release when I look now :/ On 7 July 2015 at 15:09, James Bennett ubernost...@gmail.com wrote: Earlier tonight I was trying to upload a new version (1.1) of

Re: [Distutils] Phantom release/file and now can't upload

. On Tue, Jul 7, 2015 at 4:23 PM, Richard Jones rich...@python.org wrote: This is very strange - perhaps there's a caching issue or something, but there's a file present on that release when I look now :/ On 7 July 2015 at 15:09, James Bennett ubernost...@gmail.com wrote: Earlier tonight I

Re: [Distutils] OpenID login is broken for PyPI

Hi, PyPI is being kept on life-support, and I do not currently have time to debug LaunchPad's openid. The only active development at present is warehouse. On Mon, 4 May 2015 at 05:49 anatoly techtonik techto...@gmail.com wrote: Hi, Can't login with Google and with LaunchPad. Google breakage

Re: [Distutils] [pycon] Packaging-related discussions

ncogh...@gmail.com wrote: On 3 Apr 2015 07:03, Richard Jones rich...@python.org wrote: I can't speak for any plans others active in the PyPA might have, but I'll be using the sprint time to work on Warehouse and hopefully help others work on it also. I'm almost certain that my hallway

Re: [Distutils] [pycon] Packaging-related discussions

Could the BoF be Friday instead please? Saturday is International Tabletop Day, and there's a bunch of us will be celebrating that :) On Fri, 3 Apr 2015 at 08:46 Nick Coghlan ncogh...@gmail.com wrote: On 3 Apr 2015 07:03, Richard Jones rich...@python.org wrote: I can't speak for any plans

Re: [Distutils] [pycon] Packaging-related discussions

I can't speak for any plans others active in the PyPA might have, but I'll be using the sprint time to work on Warehouse and hopefully help others work on it also. I'm almost certain that my hallway track time will involve many packaging-related discussions, as it always does :) Richard

Re: [Distutils] Versioned trove classifiers for Django

Added! Framework :: Django :: 1.4 Framework :: Django :: 1.5 Framework :: Django :: 1.6 Framework :: Django :: 1.7 Framework :: Django :: 1.8 On Mon, 30 Mar 2015 at 16:09 James Bennett ubernost...@gmail.com wrote: I would be OK with including 1.5 just for completeness' sake.

Re: [Distutils] Versioned trove classifiers for Django

Hi James, I tend to just require that there already exists a number of packages that would use the classifier. Sounds like that's the case? Richard On Mon, 30 Mar 2015 at 15:50 James Bennett ubernost...@gmail.com wrote: Following up on some IRC discussion with other folks: There is

Re: [Distutils] Versioned trove classifiers for Django

will be an immense help to the Django ecosystem. --Danny On Sun, Mar 29, 2015 at 9:58 PM, Richard Jones rich...@python.org wrote: Hi James, I tend to just require that there already exists a number of packages that would use the classifier. Sounds like that's the case? Richard

Re: [Distutils] JSONP: Deprecation and Intent to Remove

+1, JSONP was an interim hack solution way before CORS was an option. On Thu, 19 Mar 2015 at 13:58 Donald Stufft don...@stufft.io wrote: For awhile now PyPI has supported JSONP on the /pypi/*/json API to allow people to access the JSON data in a cross origin request. JSONP is problematic

Re: [Distutils] Upload signature (and signing key) after package upload

Sorry, there's no facility at present for signing a file that's already uploaded. On Mon Feb 23 2015 at 10:33:49 AM Ben Finney ben+pyt...@benfinney.id.au wrote: Howdy all, How can I upload an OpenPGP signature (and the signing key) for a version, after the upload of the distribution is

Re: [Distutils] PyPI search engine slow

Thanks for pointing that out. There's not lot we can do immediately, as any significant improvement to search will require architecture changes. Or, do what I do: use Google :) [in the Bad Old Days, we used google site search, but people complained that the results weren't pretty enough] On Sat

Re: [Distutils] Surviving a Compromise of PyPI - PEP 458 and 480

Thanks for the clarification, guys. Donald, I'm not sure what you mean by a compromise of the CDN for *uploading*. On Wed Dec 31 2014 at 1:21:18 PM Donald Stufft don...@stufft.io wrote: On Dec 30, 2014, at 8:24 PM, Nick Coghlan ncogh...@gmail.com wrote: On 23 December 2014 at 04:15,

Re: [Distutils] Surviving a Compromise of PyPI - PEP 458 and 480

Now that I think about it, I'm almost certain that Donald and I have had the hey, what about an upload.pypi.python.org conversation in the past, as a way around issues involving the CDN :) Still a good idea, in my opinion. Richard On Wed Dec 31 2014 at 3:01:53 PM Nick Coghlan

Re: [Distutils] Detecting rst errors when uploading to pypi

It has been a while since Pygments was updated in that environment, so I've updated it. The PyPI code required a language argument, so I fixed that as well. Richard On Mon Dec 29 2014 at 10:54:50 AM John Anderson son...@gmail.com wrote: On Sun, Dec 28, 2014 at 9:02 AM, Marius Gedminas

Re: [Distutils] Requesting PyPI classifiers for Sphinx

On Thu Nov 27 2014 at 9:08:40 AM Donaldo Fastoso donquest...@rocketmail.com wrote: Somewhat OT, but i was wondering if there is documentation helping to choose the right classifiers if the choice is not obvious. For example i find the Development Status classifiers somewhat quirky: 3

Re: [Distutils] Requesting PyPI classifiers for Sphinx

On Wed Nov 26 2014 at 9:47:07 PM Takayuki Shimizukawa shimizuk...@gmail.com wrote: Hi Fred, On Tue Nov 25 2014 at 23:12:14 Fred Drake f...@fdrake.net wrote: On Wed, Nov 19, 2014 at 10:16 AM, Takayuki Shimizukawa shimizuk...@gmail.com wrote: I'd like to request classifiers for the Sphinx

Re: [Distutils] Requesting PyPI classifiers for Sphinx

Thanks for that, Fred. I've added all four classifiers. Richard On Thu Nov 27 2014 at 9:26:24 AM Fred Drake f...@fdrake.net wrote: On Wed, Nov 26, 2014 at 5:15 PM, Richard Jones rich...@python.org wrote: Do you have any idea of the number of existing packages that would fit under

Re: [Distutils] API CHANGE - Migrating from MD5 to SHA2, Take 2

+1 thanks for the detail On 14 November 2014 13:21, Donald Stufft don...@stufft.io wrote: Starting a new thread with more explicit details at Richard’s request. Essentially the tl;dr here is that we'll switch to using sha2 (specifically sha256). Simple API -- Drop the #md5= from

Re: [Distutils] PEP425 - Wheel Binary Package Compatibility

It could get quite messy, without consensus. I figured custom tags would be a more local thing. On 30 October 2014 11:17, Donald Stufft don...@stufft.io wrote: On Oct 29, 2014, at 7:57 PM, Nick Coghlan ncogh...@gmail.com wrote: On 30 Oct 2014 07:20, Marcus Smith qwc...@gmail.com wrote:

Re: [Distutils] Process for taking over abandoned packages

I am currently trying to decide what to do in the case of this request: https://sourceforge.net/p/pypi/support-requests/420/ It is remarkably similar to the request which only just recently got me into trouble, with the slight difference that there may be a trademark issue which I am definitely

Re: [Distutils] Process for taking over abandoned packages

Yep, I get notified of comments, thanks. I'll add information on how to start the process - I always require an issue in the support tracker. On 14 October 2014 18:54, holger krekel hol...@merlinux.eu wrote: On Tue, Oct 14, 2014 at 13:38 +1100, Richard Jones wrote: Thanks for raising

Re: [Distutils] Process for taking over abandoned packages

Thanks for raising squatting as a concern. I have added what I think is a reasonable method of handling squatting (or otherwise unused name registrations): https://docs.google.com/document/d/1elum7ENjQb0dLB4ATfYNtnXYVLUzsKacc0VWnHHJb2A/edit?usp=sharing Richard On 14 October 2014 12:40,

Re: [Distutils] Create formal process for claiming 'abandoned' packages

Hi folks, sorry for the delay, I was on vacation and then catching up on stuff. I've composed a draft of the policy and I welcome your comments (in the doc, please): https://docs.google.com/document/d/1elum7ENjQb0dLB4ATfYNtnXYVLUzsKacc0VWnHHJb2A/edit?usp=sharing My apologies if I've missed some

Re: [Distutils] Immutable Files on PyPI

The intent was always that files were immutable. The deleting loophole is just something that I never got around to fixing. +1 to fix that bug :) On 29 September 2014 07:23, Donald Stufft don...@stufft.io wrote: On Sep 28, 2014, at 5:21 PM, Ethan Furman et...@stoneleaf.us wrote: On

Re: [Distutils] Immutable Files on PyPI

Just to reiterate: from the beginning uploaded files were immutable, but the later addition of deletion gave uploaders the loophole through which they could not confuse downloaders of their packages. On 29 September 2014 07:36, M.-A. Lemburg m...@egenix.com wrote: On 28.09.2014 21:31, Donald

Re: [Distutils] Immutable Files on PyPI

:54, Richard Jones rich...@python.org wrote: Just to reiterate: from the beginning uploaded files were immutable, but the later addition of deletion gave uploaders the loophole through which they could not confuse downloaders of their packages. On 29 September 2014 07:36, M.-A. Lemburg m

Re: [Distutils] Immutable Files on PyPI

He means a file with the same file name, but not necessarily the same content. On 29 September 2014 07:54, John Yeuk Hon Wong gokoproj...@gmail.com wrote: On 9/28/14 5:23 PM, Donald Stufft wrote: You can delete them and then reupload the same file with different contents. Sorry, but I

Re: [Distutils] Immutable Files on PyPI

On 29 September 2014 08:02, Donald Stufft donald.stu...@rackspace.com wrote: I forgot to mention, there is also testpypi.python.org which can be used to test builds prior to publishing them to PyPI. There is also devpi which I believe has the option to push from one of the devpi indexes

Re: [Distutils] Create formal process for claiming 'abandoned' packages

On 20 September 2014 04:47, Daniel Greenfeld pyda...@gmail.com wrote: In order to claim a package as being abandoned it should undergo a formal process that includes: * Placement on a PUBLIC list of packages under review for a grace period to be determined by this discussion This is not

Re: [Distutils] Create formal process for claiming 'abandoned' packages

Hi all, Having had some time to think this over, I will attempt to explain what the current process is, and how I believe I should change it. It's worth noting that I'm the only person who handles support issues for PyPI (years ago Martin von Lowis also did this, and Donald Stufft has handled one

Re: [Distutils] Taking over an inactive package

Hi Bence, Please file a support issue using the link in the pypi sidebar. Richard On 2 September 2014 12:08, Bence Nagy be...@underyx.me wrote: Hey there, I've submitted a pull request on GitHub[0] for the package Flask-Redis[1] 6 months ago. It didn't contain anything of real

Re: [Distutils] PyPI CDN problem

Try clearing your cookies for PyPI and see if that helps. It has helped me in the past. On 22 August 2014 17:02, Adam GROSZER agros...@gmail.com wrote: Hi, On some mornings (today too) I get such errors when trying to access any package on PyPI: Error 503 backend read error backend read

Re: [Distutils] Accepting PEP 440: Version Identification and Dependency Specification

Wow, a huge thanks to everyone named (as well as you, Nick ;) for persevering and getting this through. On 22 August 2014 22:34, Nick Coghlan ncogh...@gmail.com wrote: I just pushed Donald's final round of edits in response to the feedback on the last PEP 440 thread, and as such I'm happy to

Re: [Distutils] PEP 470 discussion, part 3

[apologies for the terrible quoting, gmail's magic failed today] On 24 July 2014 17:41, Donald Stufft don...@stufft.io wrote: On July 24, 2014 at 7:26:11 AM, Richard Jones (r1chardj0...@gmail.com) wrote: This PEP proposes a potentially confusing break for both users and packagers

Re: [Distutils] PEP 470 discussion, part 3

On 25 July 2014 15:21, Nick Coghlan ncogh...@gmail.com wrote: On 25 July 2014 23:13, Richard Jones r1chardj0...@gmail.com wrote: A variation on the above two ideas is to just record the *link* to the externally-hosted file from PyPI, rather than that file's content. It is more error-prone

Re: [Distutils] Other ideas from today's packaging meetup at EuroPython

Linux wheels are generally not compatible in a non-local sense, so it's unlikely those will be distributable through PyPI. That would also mean it's probably unlikely they'll be built there. Something related to this also cane up in discussion at europython but I don't want to steal any thunder

Re: [Distutils] PEP 470 discussion, part 3

Thanks for responding, even from your sick bed. This message about users having to view and understand /simple/ indexes is repeated many times. I didn't have to do that in the case of PIL. The tool told me use --allow-external PIL to allow and then when that failed it told me use

Re: [Distutils] PEP 470 discussion, part 3

end up where I can have you install “django-foobar” which depends on “FakeDjango”, which provides “Django”, and then for all intents and purposes you have a “Django” package installed. Can you go into more detail? Particularly, the part where FakeDjango provides Django. Richard Jones

[Distutils] Other ideas from today's packaging meetup at EuroPython

Several great ideas came out of today's meetup. Some of those I'll leave to the proponents themselves to post about, but a couple of little nuggets for thought: 1. reject wheel uploads in the absence of an sdist in the index (the linux guys were really happy about that as a proposal ;) 2. add a

Re: [Distutils] Packaging meetup @ EuroPython 2014

...@ubuntu.com wrote: Am 21.07.2014 14:09, schrieb Richard Jones: I've set the time for the packaging meetup to 11:00 this Thursday. There is currently no meeting room available for such a gathering, so we'll just meet outside in the garden. hi, I'll be there if I can get

[Distutils] PEP 470 discussion, part 3

I have been mulling over PEP 470 for some time without having the time to truly dedicate to addressing it. I believe I'm up to date with its contents and the (quite significant, and detailed) discussion around it. To summarise my understanding, PEP 470 proposes to remove the current link

[Distutils] Packaging meetup @ EuroPython 2014

I've set the time for the packaging meetup to 11:00 this Thursday. There is currently no meeting room available for such a gathering, so we'll just meet outside in the garden. Richard ___ Distutils-SIG maillist - Distutils-SIG@python.org

Re: [Distutils] PyPI not rendering ReST long_description

Hi, I just want to note that I'm aware of this issue and I have do something about it in my long TODO. That link is malformed in any case - docutils just passes it on through and you're just lucky that browsers will guess that it is supposed to have a http://; scheme on the front. PyPI does

Re: [Distutils] PyPI not rendering ReST long_description

Yep, I understand and sympathise with the frustration. On 15 July 2014 19:24, Wichert Akkerman wich...@wiggy.net wrote: On 15 Jul 2014, at 11:22, Richard Jones rich...@python.org wrote: Hi, I just want to note that I'm aware of this issue and I have do something about it in my long TODO

Re: [Distutils] Let's summit at EuroPython

On 3 July 2014 17:03, holger krekel hol...@merlinux.eu wrote: Hi Richard, On Wed, Jul 02, 2014 at 21:25 -0400, Donald Stufft wrote: On Jul 2, 2014, at 9:07 PM, Richard Jones r1chardj0...@gmail.com wrote: Hi folks, I'd like to get interested folks together at EuroPython to get up

[Distutils] Let's summit at EuroPython

Hi folks, I'd like to get interested folks together at EuroPython to get up to date, talk through current issues and generally catch up on all things Python Packaging. Specific things we'll be talking about: - current tools: where they're at and what their plans are - the state of PEPs 426,

Re: [Distutils] Question about PyPI's Twitter feed

I don't know who maintains it. On 20 May 2014 23:45, Donald Stufft don...@stufft.io wrote: On May 20, 2014, at 9:39 AM, Max Norris max.tarana...@gmail.com wrote: The PyPI Twitter feed stopped updating a couple of weeks back -- kind of missing seeing it, found all sorts of fun things I

[Distutils] How can we handle package renaming?

I occasionally receive requests from package maintainers asking to have their PyPI package renamed (for example, renaming eyepea_monitoring_agent to tanto). The only response I have at the moment is to tell them to release their package under both the new and old names in parallel, and promote

Re: [Distutils] Pycon

I'll be there, doing my best to hold up the PyPI / Warehouse banner. And work on some of the code during the sprints, assuming I don't get distracted by writing another PEP like last time (but look where that eventually led us :) I am most likely going to go to the language summit as a lurker to

Re: [Distutils] PEP464 - Removal of the PyPI Mirror Authenticity API

Let's do it. PEP accepted. On 22 March 2014 07:51, Donald Stufft don...@stufft.io wrote: Ping on a decree/pronouncement for this? :] On Mar 11, 2014, at 3:53 PM, Christian Theune c...@gocept.com wrote: On 11. Mar2014, at 20:01, Donald Stufft don...@stufft.io wrote: I think maybe

Re: [Distutils] PyPI Migrated to New Infrastructure with some Breakage

It definitely looks like we've got some issues introduced in recent server migrations and reconfigurations. Things I'm aware of: - OAuth is busted - OpenID is confused and/or busted - password reset is possibly busted - pypissh is busted Richard On 27 January 2014 00:26, Alex Clark

Re: [Distutils] PyPI Migrated to New Infrastructure with some Breakage

Thanks everyone who helped make this happen. From my perspective* I believe the ssh upload mechanism was added to address security issues around the basic-auth-over-http method used historically. Now uploads *may* be done over https, and those using the ssh method can move over to using twine or

Re: [Distutils] PyPI Migrated to New Infrastructure with some Breakage

I'll get in touch with Martin. On 26 January 2014 11:40, Nick Coghlan ncogh...@gmail.com wrote: On 26 Jan 2014 09:51, Richard Jones rich...@python.org wrote: Thanks everyone who helped make this happen. Indeed - fine work! :) From my perspective* I believe the ssh upload mechanism

Re: [Distutils] (no subject)

[Oops. I keep forgetting to check the bitbucket tracker for support issues which are intended to (and mostly do) go to the sourceforge tracker.] As the PyPI admin, I deal with naming issues that come up, which happens not too frequently thankfully. Usually they're resolved reasonably easily when

Re: [Distutils] Can pypi python 3 packages be sorted please?

Hi, (just FYI I live in UTC+10 so immediate responses sometimes aren't reasonable to expect), could you clarify which list of Python 3 packages you're referring to? I presume it's this one: https://pypi.python.org/pypi?:action=browsec=533show=all In which case I think I might be able to quickly

Re: [Distutils] Please accept Python 3.4 selector

On 5 December 2013 23:22, Jesus Cea j...@jcea.es wrote: Programming Language :: Python :: 3.4 Added! ___ Distutils-SIG maillist - Distutils-SIG@python.org https://mail.python.org/mailman/listinfo/distutils-sig

Re: [Distutils] .. *explicitly* mark the package as pre-release

There is no way to mark a release as pre-release but you can hide it from view which would prevent an installer discovering any files related to the release. Log into PyPI and use the releases page for the project. On 30 November 2013 22:05, anatoly techtonik techto...@gmail.com wrote: hi,

Re: [Distutils] .. *explicitly* mark the package as pre-release

I was working from (clearly hazy) memory. Sorry for the red herring. On 1 December 2013 09:10, Donald Stufft don...@stufft.io wrote: Hiding a release doesn’t hide it from the simple index, so installers will still find it. On Nov 30, 2013, at 4:59 PM, Richard Jones rich...@python.org wrote

Re: [Distutils] Warehouse and XMLRPC

Hi Matt, What method you were calling? What arguments did you pass? What xml-rpc library you were using? Actual code would be ideal. Thanks, Richard On 16 November 2013 18:12, Matt Wilkie map...@gmail.com wrote: On Fri, Nov 15, 2013 at 7:12 PM, Donald Stufft don...@stufft.io wrote:

Re: [Distutils] Warehouse and XMLRPC

on the link in my browser (FF), no rpc call was made. I expected a not for browsers message or similar rather than an error. -matt On Sat, Nov 16, 2013 at 12:29 AM, Richard Jones rich...@python.orgwrote: Hi Matt, What method you were calling? What arguments did you pass? What xml-rpc library

[Distutils] HTTPS upload to PyPI

Because (distutils history) it's currently not possible to python setup.py upload using the secure HTTPS URL of PyPI. It is possible using twine* which I'd like to promote at: https://pypi.python.org/pypi(in the Package Authors box) http://docs.python.org/3/distutils/packageindex.html I

Re: [Distutils] PyPI pull request

I have merged that PR but I really don't see any point in making any changes to the current codebase beyond fixing significant issues. Cleaning it up is not a priority. I've merged this PR to clean up the PyPI project page on bitbucket a little, but I would ask that no further cosmetic PRs be

Re: [Distutils] PyPI audit log

Thanks for noticing, we'll have a look. Richard On 25 October 2013 02:14, Gabriel de Perthuis g2p.c...@gmail.com wrote: Hello, The IP log that shows who did what on PyPI pages shows some IPs that have no business being there; they seem to come from CDNs, in my case fastly and wikia.

Re: [Distutils] Fwd: PEP 453 (ensurepip) updated

Yay! Thanks everyone involved, especially Donald and Nick. On 22 October 2013 23:05, Nick Coghlan ncogh...@gmail.com wrote: For those distutils-sig residents that don't follow python-dev, a certain PEP was formally accepted today :) -- Forwarded message -- From: Martin v.

Re: [Distutils] Remove the Mirror Authenticity API

I've edited the /mirrors page to reflect the new mirroring reality (and pushed to the repos which I *think* will result in it being pushed to the server, yes?) Richard On 29 September 2013 16:13, Nick Coghlan ncogh...@gmail.com wrote: On 29 September 2013 13:07, Donald Stufft

Re: [Distutils] Remove the Mirror Authenticity API

Like Nick I'm not sure I see the urgency here. I'm going to add a deprecation statement to the public mirroring page at /mirrors so it's clear that protocol is dead (not just resting). Richard On 29 September 2013 13:07, Donald Stufft don...@stufft.io wrote: On Sep 28, 2013, at 10:16

Re: [Distutils] README file format and pypi.python.org

I added the use of README to catch all the github users who weren't filling in their long_description (but also weren't using Markdown - I just didn't find the time to also add something to detect Markdown and render it). On 23 September 2013 08:01, Chris Jerdonek chris.jerdo...@gmail.com wrote:

[Distutils] PEP 449 -- Removal of the PyPI Mirror Auto Discovery and Naming Scheme

Hi all, Given that I believe all outstanding issues with PEP 449 http://python.org/dev/peps/pep-0449/ have been resolved I will accept it in its current form (last modified August 16) so the immediate changes may be made and publicity of the change can be started. My thanks to everyone involved

Re: [Distutils] Request to add a trove classifier for pelican plugins

Sorry Alexis! I'm a little confused as to how Pelican deserves to be considered a framework. Generally before we add a Framework classifier we need to see a number of packages in PyPI which would have that classifier applied to them. Can you point to such packages? Richard On 1 August

[Distutils] What to do about the PyPI mirrors

Hi all, I've just been contacted by someone who's set up a new public mirror of PyPI and would like it integrated into the mirror ecosystem. I think it's probably time we thought about how to demote the mirrors: - they cause problems with security (being under the python.org domain causes

Re: [Distutils] PEP 439 and pip bootstrap updated

The point of PEP 439 is that the current situation of but first do this for any given 3rd-party package installation was a bad thing and we desire to move away from it. The PEP therefore proposes to allow just do this to eventually become the narrative. The direction this conversation is heading

Re: [Distutils] PEP 439 and pip bootstrap updated

On 10 July 2013 18:28, Tres Seaver tsea...@palladion.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 07/09/2013 11:20 PM, Donald Stufft wrote: doesn't PyEnv which is bundled with Python 3.3+ replace virtualenv? What's the purpose of including virtualenv in the bootstrap?

Re: [Distutils] PEP 439 and pip bootstrap updated

On 10 July 2013 19:08, Vinay Sajip vinay_sa...@yahoo.co.uk wrote: Richard Jones r1chardj0n3s at gmail.com writes: pip without virtualenv in python 2 contexts is pretty rare (or at least *should* be wink) so I think I'll retain it in that bootstrap code. Perhaps I misunderstand, but what's

Re: [Distutils] PEP 439 and pip bootstrap updated

On 10 July 2013 19:55, Vinay Sajip vinay_sa...@yahoo.co.uk wrote: Richard Jones richard at python.org writes: It makes sense to me (and Nick) to simplify the packaging overhead for users of Python 2. Currently the story is a bit of a mess (multiple sites with different approaches

Re: [Distutils] PEP 439 and pip bootstrap updated

On 11 July 2013 06:50, Paul Moore p.f.mo...@gmail.com wrote: I think python -m pip should be the canonical form (used in documentation, examples, etc). The unittest module has taken this route, as has timeit. Traditionally, python-dev have been lukewarm about the -m interface, but its key

[Distutils] PEP 439 and pip bootstrap updated

[firstly, my apologies for posting the announcement yesterday of the pip bootstrap implementation and PEP updates to the pypa-dev list instead of distutils-sig... I blame PyCon AU exhaustion :-)] Firstly, I've just made some additional changes to PEP 439 to include: - installing virtualenv as

Re: [Distutils] PEP 439 and pip bootstrap updated

On 10 July 2013 13:20, Donald Stufft don...@stufft.io wrote: On Jul 9, 2013, at 11:16 PM, Richard Jones r1chardj0...@gmail.com wrote: Firstly, I've just made some additional changes to PEP 439 to include: - installing virtualenv as well (so now pip, setuptools and virtualenv are installed

Re: [Distutils] PEP 439 and pip bootstrap updated

On 10 July 2013 14:18, Donald Stufft don...@stufft.io wrote: On Jul 9, 2013, at 11:47 PM, Richard Jones r1chardj0...@gmail.com wrote: On 10 July 2013 13:20, Donald Stufft don...@stufft.io wrote: On Jul 9, 2013, at 11:16 PM, Richard Jones r1chardj0...@gmail.com wrote: Firstly, I've just made

Re: [Distutils] PEP 439 and pip bootstrap updated

On 10 July 2013 14:19, Carl Meyer c...@oddbird.net wrote: They certainly do today, but that's primarily because pyvenv isn't very useful yet, since the stdlib has no installer and thus a newly-created pyvenv has no way to install anything in it. Ah, thanks for clarifying that. Certainly if

Re: [Distutils] PEP439 and upgrading pip

On 10 June 2013 06:43, Marcus Smith qwc...@gmail.com wrote: maybe this was covered before, but I'm looking for clarification on how pip upgrades are to work under PEP439. I see 3 relevant bits right now: 1) attempts to import pip machinery. If it can then the pip command proceeds as normal

Re: [Distutils] b.pypi.python.org

On 5 June 2013 01:22, ken cochrane kencochr...@gmail.com wrote: Brett, Here is the owner list that I can see on GAE - guido - kencochrane (me) - kumar.mcmillan - martin.v.loewis - r1chardj0n3s orly? I wouldn't know what to do with that :-) [if there is something I can do then I'm happy

Re: [Distutils] pypi protocol

The only interface documentation is linked from http://wiki.python.org/moin/CheeseShopDev which includes PEP 301 and http://peak.telecommunity.com/DevCenter/EasyInstall#package-index-api The rest is documented-in-code. Richard On 27 May 2013 06:08, Jonas Geiregat jo...@geiregat.org

Re: [Distutils] PEP 438 - Transition Phase 1

On 20 May 2013 08:09, PJ Eby p...@telecommunity.com wrote: On Sun, May 19, 2013 at 4:58 AM, holger krekel hol...@merlinux.eu wrote: Tensed to see how many people will switch without the mails I'll be waiting for the mails, myself, on account of I'm hoping it'll give me a nice list of which

  1   2   >